package com.haircut.security.model;

import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.core.GrantedAuthority;
import java.util.Collection;

/**
 * 微信认证Token（存储微信openid和认证状态）
 */
public class WechatAuthenticationToken extends AbstractAuthenticationToken {

    // 存储微信openid（认证前）或用户信息（认证后）
    private final Object principal;
    // 存储微信code（认证前）或null（认证后）
    private Object credentials;

    // 认证前构造器（仅含code）
    public WechatAuthenticationToken(String code) {
        super(null);
        this.principal = null;
        this.credentials = code;
        setAuthenticated(false);
    }

    // 认证后构造器（含用户信息和权限）
    public WechatAuthenticationToken(Object principal, Collection<? extends GrantedAuthority> authorities) {
        super(authorities);
        this.principal = principal;
        this.credentials = null;
        super.setAuthenticated(true); // 必须调用父类方法
    }

    @Override
    public Object getCredentials() {
        return credentials;
    }

    @Override
    public Object getPrincipal() {
        return principal;
    }

    @Override
    public void setAuthenticated(boolean isAuthenticated) {
        if (isAuthenticated) {
            throw new IllegalArgumentException("不能手动设置认证状态，请使用构造器");
        }
        super.setAuthenticated(false);
    }
}